DOCKET NO.: REFH-0155 
Application No.: 10/623,262 
Office Action Dated: May 1, 2008 



PATENT 



This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

All Previous Claims - (Cancelled) 

1 . (Previously Presented) A method for exchange of pseudonymous personal 
information between two or more data storage servers or within a data storage server in 
which the identities of persons, associated servers and/or associated organizations with which 
the personal information resides is pseudonymous, comprising: 

assigning a unique identification (UID) to a person having personal information for 
storage; 

registering the person with a pseudonymous proxy server as a user type with 
associated pseudonym and set of rules that control the person's access to stored data; 

providing a service provider identifier to the person that identifies the person to a 
service provider; 

the pseudonymous proxy server providing both the person's associated pseudonym 
and the service provider identifier with a random factor; 

transmitting a message from the person to the service provider through the 
pseudonymous proxy server, wherein the pseudonymous proxy server receives the message 
and, based on said set of rules that control the person's access to stored data, validates a 
relationship between the person, the service provider and/or a private data owner and 
transmits the message to the service provider if the relationship between the person and the 
service provider is validated; and 

said pseudonymous proxy server authorizing the person to view the private data 
owner's actual private data or pseudonyms for said private data based on said set of rules that 
control the person's access to stored data of said private data owner. 

2. (Previously Presented) The method of claim 1, wherein the pseudonymous proxy 
server controls unique identifications (UIDs) and sets of rules for respective persons among 
multiple servers in a hub and spoke network configuration. 
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3. (Previously Presented) The method of claim 1, wherein the pseudonymous proxy 
server controls unique identifications (UIDs) and sets of rules for respective persons among 
multiple servers in a network tree configuration. 

4. (Previously Presented) The method of claim 1, comprising the person encrypting said 
pseudonym. 

5. (Currently Amended) The method of claim 1, wherein the pseudonymous personal 
information is the person's medical records and the said two or more data storage servers are 
controlled by respective medical service providers, where said person and said respective 
medical service providers are permitted access to said person's medical records based on said 
set of rules, and wherein a transfer of said patient's medical records from one medical service 
provider to another medical service provider includes the replacing of the another medical 
service provider's name with a pseudonym, pseudonymizing the person's medical records in 
accordance with the another medical service provider's access rights, and providing the 
access rights to the another medical service provider based on authorization to the person's 
medical records as granted by the person. 
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